ToorCamp 2012: Tribes & Technology – tripwire.com
I recently returned from a week on the Olympic Peninsula at ToorCamp where I presented a talk and stayed the week attending workshops, learning electronics, picking locks and other activities.

Mobile Hacking 101 – ethicalhacker.net
Next item on the board meeting agenda: the war on smartphones! For some time now, smartphones have been quietly creeping into our society and slowly infiltrating our families and companies. It started off simply enough: the CEO’s husband bought her an iPad for Christmas, and she thought it would be pretty savvy to be able to answer work email on it at a business meeting half way around the world.

Black Hat USA 2012 update – census.labs.com
This year we have presented our research work at Black Hat USA 2012, the leading information security conference. Our researchers Patroklos Argyroudis and Chariton Karamitas visited Caesar’s Palace at Las Vegas, Nevada and delivered the talk.

SecureLogix Releases 2012 State of Voice Security Report – voipsecurityblog.typepad.com
SecureLogix has officially released our State of Voice/UC Security report for 2012. I co-authored this report with Rod Wallace, our VP of services. The report has been out since March, but we have made it available for any and all via our website.

New Linux Distro for Mobile Security, Malware Analysis, and Forensics – resources.infosecinstitute.com
Yes, you read the title right and I hope I just grabbed your attention! A new GNU/Linux distribution or distro designed for helping you in every aspect of your mobile forensics, mobile malware analysis, reverse engineering and security testing needs and experience has just been unleashed and its alpha version is now available for download for you to try out.

SQL Server 2008 Local Administrator Privilege Escalation – netspi.com
Unlike previous versions, SQL Server 2008 and 2012 don’t provide local system administrators with database administrator rights by default. This was a great idea by Microsoft to reinforce the practices of least privilege and separation of duties. However, in spite of the fact that their heart was in the right place, it was implemented in such a way that any local administrator (or attacker) can bypass the restriction.

Why I Choose PowerShell as an Attack Platform – exploit-monday.com
Since the inception of PowerShell, it has been a blessing for Windows administrators everywhere. As Don Jones so eloquently puts it, “you can either learn PowerShell, or learn to ask, ‘would you like fries with that?’” I couldn’t agree with that sentiment more. After all, with server core being the default installation option of Windows Server 2012, knowledge of PowerShell is becoming increasingly crucial.

The Exploit Magazine 01/2012 – theexploitmag.com
Dear Readers, we proudly present you The ExploitMag. We decided to launch an entirely new magazine devoted to exploits. In this very first issue we focused on Metasploit Framework. In the nearest future, you can expect publications on: DoS Attacks, SOAP, WSDL hacking and more.

Simple but Extremely Useful Windows Tricks – blog.opensecurityresearch.com
Navigating Windows in the most efficient manner possible can be seen as wizardry – it almost seems as if Microsoft tries to make it increasingly more difficult to accomplish simple things. However, there are plenty of very useful tricks and shortcuts built into Windows; the problem is they are not publicized very well. Students in our Ultimate Hacking Courses usually find these Windows tips useful, so we figured we would share them.

Stealing the Keys to the Kingdom through SQL injection – pentestgeek.com
Recently I was conducting a penetration test for a very large high profile client. The network itself had over 5500+ nodes and nearly 400 subnets. I started out using one of my new tactics by utilizing Nmap’s new http-screenshot.nse script.

building isecpartners ios-ssl-kill-switch tweak – greenoperator.tumblr.com
For some time it has been a challenge to trap SSL traffic from iOS applications in web proxy tools such as Fiddler or WebScarab. iOS applications in many cases performed Certificate Pinning, which checked for specific information within the SSL certificate before accepting it and allowing the application to complete a request.

[]{}!+ characters. You can try it here, or grab it from github or npm. Keep on reading if you want to know how it works.

XMPPloit: A Tool to Attack XMPP Connections! – pentestit.com
A new day and a new tool from the Blackhat USA 2012 tool arsenal – XMPPloit! Before we talk about the tool itself, let us first know what XMPP is. XMPP stands for Extensible Messaging and Presence Protocol and is a streaming XML protocol that was previously named Jabber.

Backtrack 5 r3 List of (some of the) new Tools and Programs – cyberarms.wordpress.com
What are the new utilities included with Backtrack 5r3? I couldn’t find a list, so I decided to make one myself comparing BT5r2 with the latest version. This is not an exhaustive list, but hopefully it will help people see some of the very cool new tools and programs added to Backtrack.

nishang – code.google.com
Nishang is a framework and collection of scripts and payloads which enables usage of PowerShell for offensive security and post exploitation during Penetration Tests. The scripts are written on the basis of requirement by the author during real Penetration Tests.

Vendor/Software Patches

Microsoft Security Bulletin

Microsoft Security Bulletin MS12-043 – Critical – technet.microsoft.com
This security update resolves a publicly disclosed vulnerability in Microsoft XML Core Services. The vulnerability could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker would have no way to force users to visit such a website. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email message or Instant Messenger message that takes the user to the attacker’s website.

Microsoft Security Bulletin MS12-053 – Critical – technet.microsoft.com
This security update resolves a privately reported vulnerability in the Remote Desktop Protocol. The vulnerability could allow remote code execution if an attacker sends a sequence of specially crafted RDP packets to an affected system. By default, the Remote Desktop Protocol (RDP) is not enabled on any Windows operating system. Systems that do not have RDP enabled are not at risk.

Microsoft Security Bulletin MS12-054 – Critical – technet.microsoft.com
This security update resolves four privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow remote code execution if an attacker sends a specially crafted response to a Windows print spooler request. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems connected directly to the Internet have a minimal number of ports exposed.

Microsoft’s Free Security Tools – BinScope Binary Analyzer – blogs.technet.com
This article in our series focused on Microsoft’s free security tools is on a tool called BinScope Binary Analyzer. This tool can be helpful for both developers and IT professionals that are auditing the security of applications that they are developing or deploying/managing.

Update: InstalledPrograms.xls V0.0.2 – blog.didierstevens.com
I fixed InstalledPrograms as earthsound suggested: now I include 32-bit installations on 64-bit systems (provided you use 64-bit Excel).

Scanning SharePoint with PowerShell – obscuresecurity.blogspot.com
A few months ago, I published Get-HttpStatus – a PowerShell function that aids in generic directory and file fuzzing. In order to get it added to PowerSploit, Matt suggested several improvements and eventually made a few of his own.

UPDATE: Samurai Web Testing Framework 2 Final – pentestit.com
The Samurai Web Testing Framework is a live Linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites.

WoW, New Blizzard Password Dump? – novainfosecportal.com
Yesterday we came across an interesting Pastebin password dump from 8/15 that we noticed on OZDC.net called “World of Warcraft Database Hacked 10[NEW].” It’s since been removed; however, given the possible breach of passwords Blizzard announced last week, this particular dump caught our attention.

Other News

WikiLeaks Stirs Global Fears on Antiterrorist Software – nytimes.com
A new release of stolen corporate e-mails by WikiLeaks has set off a flurry of concern and speculation around the world about a counterterrorist software program called TrapWire, which analyzes images from surveillance cameras and other data to try to identify terrorists planning attacks.

Elusive FinSpy Spyware Pops Up in 10 Countries – bits.blogs.nytimes.com
FinFisher is a spyware product manufactured by the Gamma Group, a British company that sells surveillance technology. It says its spyware offers “world-class offensive techniques for information gathering.”

Could The New Air Traffic Control System Be Hacked? – npr.org
The Federal Aviation Administration is in the midst of a multibillion-dollar upgrade of the nation’s air traffic control system. The new system is called the Next Generation Air Transportation System, or NextGen.
